We have automatic password change feature in SharePoint 2013. We have different managed accounts. Farm Account, application pool accounts and service accounts are created as managed accounts. Are there any consequences if we enable automatic password change settings to all these types of accounts? Or is there any recommendation that enable automatic password change settings for only certain type of accounts?

2 Answers
2

You can change the password automatically and that is working for many customers but for us it did not. There are couple of accounts which you can't update automatically i.e user profile sync account etc.

We set automatic password for app pool account, on schedule time, SharePoint change the password and trying to update the app pools(we have 10 app pools) on all servers...there is intruption and system update half app pool but fail to update remaining...so this cause the account blockage and bring all web apps down.

Almost Same Thing Happened with farm admin account and we spend couple of hours to fix the account.

Thanks for your comments. I understand that it is good to schedule downtime and perform password reset manually and I agree. We have service accounts that are configured to auto change password and we have not configured the farm account and application pool accounts for auto change. Since auto password change is not enabled for some managed accounts, we are daily getting a notification saying that password is expired for the farm and app pool accounts and we know password is not expired. Is there a way to stop these notifications for the accounts that we have not configured auto change?
– Crow CanyonJan 27 '18 at 17:51

Where u are getting notification from SharePoint or AD or other tool? What exact message is? I don't think if there is any health rule related to this but may be.
– Waqas Sarwar MVP♦Jan 27 '18 at 17:56

We have configured "Notification E-Mail Address" in "Password Management Settings" in Central Administration and we receive mail to the configured email in this setting. Message is: "The following accounts have passwords that have expired and require immediate attention" and below to this message, it is listing all the accounts that are not configured auto change password settings.
– Crow CanyonJan 27 '18 at 18:10